Overview
overview
10Static
static
772f633f58d...18.exe
windows7-x64
1072f633f58d...18.exe
windows10-2004-x64
10$PLUGINSDI...nt.dll
windows7-x64
3$PLUGINSDI...nt.dll
windows10-2004-x64
3$PLUGINSDI...nd.dll
windows7-x64
10$PLUGINSDI...nd.dll
windows10-2004-x64
10$PLUGINSDI...dl.dll
windows7-x64
3$PLUGINSDI...dl.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
10$PLUGINSDI...em.dll
windows10-2004-x64
10$PLUGINSDI...te.dll
windows7-x64
3$PLUGINSDI...te.dll
windows10-2004-x64
3$PLUGINSDI...gs.dll
windows7-x64
3$PLUGINSDI...gs.dll
windows10-2004-x64
3$PLUGINSDI...om.dll
windows7-x64
10$PLUGINSDI...om.dll
windows10-2004-x64
10$PLUGINSDIR/xml.dll
windows7-x64
10$PLUGINSDIR/xml.dll
windows10-2004-x64
10$TEMP/$_89...in.dll
windows7-x64
10$TEMP/$_89...in.dll
windows10-2004-x64
10OpenAL32.dll
windows7-x64
10OpenAL32.dll
windows10-2004-x64
10SDL.dll
windows7-x64
1SDL.dll
windows10-2004-x64
1cg.dll
windows7-x64
10cg.dll
windows10-2004-x64
10cgGL.dll
windows7-x64
10cgGL.dll
windows10-2004-x64
10glew32.dll
windows7-x64
3glew32.dll
windows10-2004-x64
3protozoa.exe
windows7-x64
10protozoa.exe
windows10-2004-x64
10General
-
Target
72f633f58d227097bfdecfe376d43a33_JaffaCakes118
-
Size
8.2MB
-
Sample
240525-xt72zseg9t
-
MD5
72f633f58d227097bfdecfe376d43a33
-
SHA1
326ddce87207893711a87ba68b53a61da368947c
-
SHA256
c65046f87d5ceebfe71df19347ce5e768354b4a160d9b9f5b4a753c5dab06ff2
-
SHA512
ed8c23be8ca9126b7870c0cdb6c0d8cb20213b1d5b8781db6f6574825e5fcb982c6a11890f0afd4165cf8b07b824bb401f3b7b916a85548c8f74b2dbf4714556
-
SSDEEP
196608:uB0vB4AxB1OsjEO99SacEYaokwEfV5vrI4FgBDpbY:uBG4oSagb/2jIkgTbY
Behavioral task
behavioral1
Sample
72f633f58d227097bfdecfe376d43a33_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
72f633f58d227097bfdecfe376d43a33_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/ButtonEvent.dll
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/ButtonEvent.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/MyNsisExtend.dll
Resource
win7-20240508-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/MyNsisExtend.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/NSISdl.dll
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/NSISdl.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240508-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/locate.dll
Resource
win7-20240221-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/locate.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral13
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win7-20240221-en
Behavioral task
behavioral14
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral15
Sample
$PLUGINSDIR/nsRandom.dll
Resource
win7-20240508-en
Behavioral task
behavioral16
Sample
$PLUGINSDIR/nsRandom.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral17
Sample
$PLUGINSDIR/xml.dll
Resource
win7-20240508-en
Behavioral task
behavioral18
Sample
$PLUGINSDIR/xml.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral19
Sample
$TEMP/$_89_/MyNsisSkin.dll
Resource
win7-20240221-en
Behavioral task
behavioral20
Sample
$TEMP/$_89_/MyNsisSkin.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral21
Sample
OpenAL32.dll
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
OpenAL32.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral23
Sample
SDL.dll
Resource
win7-20240508-en
Behavioral task
behavioral24
Sample
SDL.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral25
Sample
cg.dll
Resource
win7-20231129-en
Behavioral task
behavioral26
Sample
cg.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral27
Sample
cgGL.dll
Resource
win7-20240419-en
Behavioral task
behavioral28
Sample
cgGL.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral29
Sample
glew32.dll
Resource
win7-20240220-en
Behavioral task
behavioral30
Sample
glew32.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral31
Sample
protozoa.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
72f633f58d227097bfdecfe376d43a33_JaffaCakes118
-
Size
8.2MB
-
MD5
72f633f58d227097bfdecfe376d43a33
-
SHA1
326ddce87207893711a87ba68b53a61da368947c
-
SHA256
c65046f87d5ceebfe71df19347ce5e768354b4a160d9b9f5b4a753c5dab06ff2
-
SHA512
ed8c23be8ca9126b7870c0cdb6c0d8cb20213b1d5b8781db6f6574825e5fcb982c6a11890f0afd4165cf8b07b824bb401f3b7b916a85548c8f74b2dbf4714556
-
SSDEEP
196608:uB0vB4AxB1OsjEO99SacEYaokwEfV5vrI4FgBDpbY:uBG4oSagb/2jIkgTbY
-
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/ButtonEvent.dll
-
Size
4KB
-
MD5
fad9d09fc0267e8513b8628e767b2604
-
SHA1
bea76a7621c07b30ed90bedef4d608a5b9e15300
-
SHA256
5d913c6be9c9e13801acc5d78b11d9f3cd42c1b3b3cad8272eb6e1bfb06730c2
-
SHA512
b39c5ea8aea0640f5a32a1fc03e8c8382a621c168980b3bc5e2897932878003b2b8ef75b3ad68149c35420d652143e2ef763b6a47d84ec73621017f0273e2805
Score3/10 -
-
-
Target
$PLUGINSDIR/MyNsisExtend.dll
-
Size
596KB
-
MD5
37e4e1ab9aee0596c2fa5888357a63b0
-
SHA1
a5dba8c0a1bd936dca2b6a81f2dc9a3005f1a2b6
-
SHA256
ff4b245fea98cedd881ca102468623a449a0b40df0c557dd8a6ea32e788d56fe
-
SHA512
5cbab2872683079c6cc09423a2baf7107b5ac5731f336cd237fa93a4a4ee53a127963dc0ec0dbc6168b9b3d2c3a881c7663ce4ecd84d964628dd566395d49bb3
-
SSDEEP
12288:1QXznhWxifqPG8yDAay0BQeMrtQW27ZJ6ObWTE5lqtmsVsIdj:1QXznYybPJnWTE5lqwsKG
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
-
-
Target
$PLUGINSDIR/NSISdl.dll
-
Size
14KB
-
MD5
a5f8399a743ab7f9c88c645c35b1ebb5
-
SHA1
168f3c158913b0367bf79fa413357fbe97018191
-
SHA256
dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9
-
SHA512
824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977
-
SSDEEP
192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go
Score3/10 -
-
-
Target
$PLUGINSDIR/System.dll
-
Size
67KB
-
MD5
bd05feb8825b15dcdd9100d478f04e17
-
SHA1
a67d82be96a439ce1c5400740da5c528f7f550e0
-
SHA256
4972cca9555b7e5dcb6feef63605305193835ea63f343df78902bbcd432ba496
-
SHA512
67f1894c79bbcef4c7fedd91e33ec48617d5d34c2d9ebcd700c935b7fe1b08971d4c68a71d5281abac97e62d6b8c8f318cc6ff15ea210ddcf21ff04a9e5a7f95
-
SSDEEP
1536:2IfbmtOpUtoqoQvfDrghNT+2w8mbJ1/NfSttVx:bfi4GoqVvbaNXubJ1JI
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
-
-
Target
$PLUGINSDIR/locate.dll
-
Size
17KB
-
MD5
7d3317f57c1a368480ace3c0ca804eeb
-
SHA1
d4c7e185bc64aac82339f51ba6c21cf0713c9f1a
-
SHA256
d88a04c1e39db583eaad727fd390fe599ab10198ee040bfbdd22daefadbd2372
-
SHA512
5598c2e6caa2f66edd48f8c8305e054d4b0740b5f2b7ed92cf197a13ac66ba99a32013d34b3c2e28d007ab7979eb90a50681324eb736b1410e7df1902e4ec32a
-
SSDEEP
384:ev/vPBkA6dK8wiLe45naPji7hpx2kRV+qgm:evyvwiNnGji7Xxjc8
Score3/10 -
-
-
Target
$PLUGINSDIR/nsDialogs.dll
-
Size
9KB
-
MD5
c10e04dd4ad4277d5adc951bb331c777
-
SHA1
b1e30808198a3ae6d6d1cca62df8893dc2a7ad43
-
SHA256
e31ad6c6e82e603378cb6b80e67d0e0dcd9cf384e1199ac5a65cb4935680021a
-
SHA512
853a5564bf751d40484ea482444c6958457cb4a17fb973cf870f03f201b8b2643be41bccde00f6b2026dc0c3d113e6481b0dc4c7b0f3ae7966d38c92c6b5862e
-
SSDEEP
96:hBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4VndY7ndS27gA:h6n+0SAfRE+/8ZYxMdqn420
Score3/10 -
-
-
Target
$PLUGINSDIR/nsRandom.dll
-
Size
77KB
-
MD5
d86b2899f423931131b696ff659aa7ed
-
SHA1
007ca98f5d7921fe26fb9b8bd8a822dd5ae09ed6
-
SHA256
8935cba8e9b276daa357a809e0eca3bebf3fdc6d0d3466ab37fb2cbbfacd3a94
-
SHA512
9a4437ab484e4e22597c642d21b0107a063a208a582df3a5bf276466ad8d0ba9aeebac6de8dcf1372939984bb187d58e94c799918cfbe80e85c958bf0a537fc7
-
SSDEEP
1536:/lKXi95r2UwOpUtoqoQvfDrghNT+2w8mbJ1/NfSttVx:sgr2eGoqVvbaNXubJ1JI
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
-
-
Target
$PLUGINSDIR/xml.dll
-
Size
175KB
-
MD5
0ad70d0ebf9562e53f2fd9518c3b04a3
-
SHA1
4de4487e4d1e87b782eceb3b74d9510cc28b0c70
-
SHA256
3bd4a099f0e0eefeaacfdba6c0ab760b6e9250167ba6a30eafaa668ca53ce5e9
-
SHA512
f75e089f7eb44071f227cd9705b8e44982429f889f93230e98095aac60afc1bdd39a010787235c171cd9fb9ead8023043b147022ab007e8cf1c3204064905719
-
SSDEEP
3072:vzjLkarn7O+n9z2L6whFtGF42bKgGoqVvbaNXubJ1JI:vzP7n7O7L6K2lqVvWIdjI
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
-
-
Target
$TEMP/$_89_/MyNsisSkin.dll
-
Size
384KB
-
MD5
a6039ed51a4c143794345b29f5f09c64
-
SHA1
ef08cb5dfa598d9d5b43b8af49f54b2c7dac00d4
-
SHA256
95ae945504972cadcf2ccfb2b3d02ea8cade3ee53f2f2082e8b40b61f660877a
-
SHA512
0ed3d0c070bfd91e2355aec5a30ad5cbaf6949c965af5e0ee1ecf2edd5f5aeba3819b4667a0301f8b52c8fd56d3bae35fa4f77063d56c8f89055784d0c0a30a8
-
SSDEEP
6144:yOrNKQjNQnWqJolkFucBm1fXr9ICcYerKJbYm3IyU5qVvWIdjI:y4NKQjNQfqOuEm1fXncdrKJbJgtIdj
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
-
-
Target
OpenAL32.dll
-
Size
168KB
-
MD5
5376a2179ee336fdd580b33e188b3b41
-
SHA1
71db8c33d7a259e535f408f41def92ac4a18acd1
-
SHA256
e3e20c91a105aa7a958a2c6bc1267e546c8c18ca5ef14806b788e9cf9dcdb5b8
-
SHA512
c51f9f3b104154c47e557d131d6f9735d38968d9268596a707c05c0d98449356f2bfa82184136b0408df89d2ae23217e21c8a40483286a9f9a360929bb735a74
-
SSDEEP
3072:zt/j93T459N5fhIhJt1xuTE1uH+NcWZwEdxXgR:ztrNyN5fEa+qWZ/O
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
-
-
Target
SDL.dll
-
Size
2.0MB
-
MD5
b4acf6c845919c094ce74e0ab20155e1
-
SHA1
7209f946152f0dfd4ad4869bd9f5434b6d2efc4c
-
SHA256
549288fb9a81fd07a2e3505d39acf9d8b74ad1f7c62a29e6f04984f69f0778ca
-
SHA512
5cd1a80a2a37eb3a7e0cd8d04e35454630105d47b01bd2e965ef50a178825f3e93c26136f11219fd0b8e179cc56651538cd13edd9ed2e00999244fb254eb9343
-
SSDEEP
49152:3bgXeSJJW0VraVsI1V0+tVIjtW+JPZcS0Zo9h6o/H:3bgX5JW0VraVsI8H
Score1/10 -
-
-
Target
cg.dll
-
Size
4.7MB
-
MD5
b698513d3757545edc1328e6bea3eb15
-
SHA1
b8f3889dc32db6f9a8287b91d95952942743bfd0
-
SHA256
68d0bd4dbb3c1c26acc6a1c8741ec19f954b82571328edb3acd5bd2fd41bad82
-
SHA512
9c831c06130dd120012d3f5491c288682dfd8eda92813c83accefc2050b55ca42f71f965e182cfcb2666128041d7cdceaf03f8285d26d063bfcb909a3b24988e
-
SSDEEP
49152:8Pa020/OfOQka+NfXfkqa4B0vNv+sDEFs8cuO:8PP20/TvaUHkqaNWuEy
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
-
-
Target
cgGL.dll
-
Size
360KB
-
MD5
625a3581a2caf73e6b7e0b0ea163cad9
-
SHA1
3723b0b6406bcd816729164676ef8e913bbdd849
-
SHA256
84c3920a91a3e644e99e3a9409b616db5b8b6651371b4c2e63a55a7e99077314
-
SHA512
89dfe1cb6d223146fff0413ac49f5214b81dd8f92917dbc512b5513f0f940b085f0b229343005453a7ee3e9ec4953c37521f75c797afd6eed06c3b0707a6e18a
-
SSDEEP
6144:mKKAmwtZtp6IbQymTQ3vUj5j4Hm4RVqRWc+qWZ/O:NKAmwtZtplSTysj5Am4g+z
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
-
-
Target
glew32.dll
-
Size
260KB
-
MD5
2c12b6f28ffdd52edaa38bdd3ebf5c4e
-
SHA1
bc52f878bf30e196cb5260ebde2bacf35ca28216
-
SHA256
f7b6d84a1235fd0e7cc8aa70899ee22974bc4420167af3a2e4af31f6c48a44b2
-
SHA512
32ed972505c7580e269b1d14fccd3d88c2b455472a49571d3e99d070acd202b3c712b5b852290bacc15b817584ffaf0dce89c53ea40aba3b97bffbcb699378e4
-
SSDEEP
6144:f+6jV+Uog1eEecAnfzo8O9aORdhWfDwt30:fZjV+79O3Ub
Score3/10 -
-
-
Target
protozoa.exe
-
Size
446KB
-
MD5
e2483e0fbce7217101ba1e0cb49026c1
-
SHA1
62788e0e7c29811c87bcd636ad12c3f8db1d81b3
-
SHA256
2e8a4183f3340095e2aa0988d9c4c99d4fc724d21b36ae947797a16116187131
-
SHA512
88b8bac88b89ac494ad88ffd88abfce11a738021a15a30600850c9c0b5ebed1c3c78806cf0f9d6204d6afc5c6990b24fa876fa1e7270bc20db040c7eeda05c70
-
SSDEEP
6144:gVHYucgQtyqGplPZCragI0eG2IQ8CN99tPRsTPePBZva6KIaV7FqFPK/QXPj7QRx:gVY3yxCrab0H68g7SqBa97mUG1NT
-
Executes dropped EXE
-
Loads dropped DLL
-